From: JKingsnorth
Date: Thu, 26 Feb 2015 14:08:38 +0000 (+0000)
Subject: CRM-10551: Only allow logged in users to remove information
X-Git-Url: https://vcs.fsf.org/?a=commitdiff_plain;h=297d1ef127882c439aa5d6ec912ed67cb85d4920;p=civicrm-core.git
CRM-10551: Only allow logged in users to remove information
---
diff --git a/CRM/Contact/BAO/Contact.php b/CRM/Contact/BAO/Contact.php
index 5a4d12a392..55017960ae 100644
--- a/CRM/Contact/BAO/Contact.php
+++ b/CRM/Contact/BAO/Contact.php
@@ -1859,8 +1859,14 @@ ORDER BY civicrm_email.is_primary DESC";
 }
 if ($contactID) {
- // CRM-10551: Allow deletion of blanked location-based fields
+ // CRM-10551
+ // If a user has logged in, or accessed via a checksum
+ // Then deliberately 'blanking' a value in the profile should remove it from their record
+ $session = CRM_Core_Session::singleton();
 $params['updateBlankLocInfo'] = TRUE;
+ if (($session->get('authSrc') & (CRM_Core_Permission::AUTH_SRC_CHECKSUM + CRM_Core_Permission::AUTH_SRC_LOGIN)) == 0) {
+ $params['updateBlankLocInfo'] = FALSE;
+ }
 $editHook = TRUE;
 CRM_Utils_Hook::pre('edit', 'Profile', $contactID, $params);
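Review bot: The new guard leaves `$params['updateBlankLocInfo'] = TRUE;` as the default and only revokes it afterwards, and it builds the allow-mask with `+` (`CRM_Core_Permission::AUTH_SRC_CHECKSUM + CRM_Core_Permission::AUTH_SRC_LOGIN`), which is only correct while both constants are distinct single bits. I would make the destructive behaviour opt-in and combine the flags with `|`: `$params['updateBlankLocInfo'] = (bool) ($session->get('authSrc') & (CRM_Core_Permission::AUTH_SRC_CHECKSUM | CRM_Core_Permission::AUTH_SRC_LOGIN));`. The test also only establishes how the session was authenticated, not that the authenticated contact is the `$contactID` being edited. Whether the caller guarantees that match cannot be seen here, because the enclosing function starts and ends outside the hunk, so it is worth confirming or stating in the comment.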